Tag: russia
-
Cryptomining group Kinsing expands operations to Russia, researchers warn
Russia-based cybersecurity firm F6 said the attacks began in April and infected devices with Kinsing and XMRig malware, tools commonly used to mine the cryptocurrency Monero. First seen on therecord.media Jump to article: therecord.media/cryptomining-group-kinsing-hits-russia
-
UK’s Colt hit by cyberattack, support systems offline amid ransom threat
Tags: api, attack, china, communications, cve, cyberattack, data, data-breach, exploit, finance, flaw, group, infrastructure, Internet, microsoft, network, programming, ransom, rce, remote-code-execution, russia, service, software, threat, update, vulnerability
with samples on a Russian Tor site. “We’ve seen already this year that telecom is particularly vulnerable to attacks, and I think this WarLock attack highlights some recurring issues that telecom and large-scale network service providers are starting to see,” said Gabrielle Hempel, Security Operations Strategist at Exabeam. “There’s this operational ripple effect when you’re a…
-
Someone’s poking the bear with infostealers targeting Russian crypto developers
If you wanted to hurt Putin’s ransomware racketeers, these info-stealing npm packages are one way to do it First seen on theregister.com Jump to article: www.theregister.com/2025/08/18/solana_infostealer_npm_malware/
-
Water Systems Under Attack: Norway, Poland Blame Russia Actors
Water and wastewater systems have become a favored target of nation-state actors, drawing increasing scrutiny following attacks on systems in multiple countries. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/water-systems-attack-norway-poland-russia-actors
-
Hacker Alleges Russian Government Role in Kaseya Cyber-Attack
In a new investigation launched at DEFCON 33, Analyst1’s Jon DiMaggio revealed probable Russian government involvement in the Kaseya attack First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hacker-russian-government-kaseya/
-
Russian-Linked Curly COMrades Deploy MucorAgent Malware in Europe
A new report from Bitdefender reveals the Russian-linked hacking group Curly COMrades is targeting Eastern Europe with a… First seen on hackread.com Jump to article: hackread.com/russian-curly-comrades-mucoragent-malware-europe/
-
BlackSuit ransomware crew loses servers, domains, and $1m in global shakedown
US cops yank servers, domains, and crypto from the Russia-linked gang – but the crooks remain at large First seen on theregister.com Jump to article: www.theregister.com/2025/08/12/blacksuit_ransomware_crew_loses_servers/
-
US reveals it seized $1 million worth of Bitcoin from Russian BlackSuit ransomware gang
The United States Department of Justice has revealed that the recent takedown of the BlackSuit ransomware gang’s servers, domains, and dark web extortion site, also saw the seizure of US $1,091,453 worth of cryptocurrency. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-reveals-it-seized-1-million-worth-of-bitcoin-from-russian-blacksuit-ransomware-gang
-
Dutch Investigators Blame Hacks on Multiple Threat Actors
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/12/winrar-zero-day-cve-2025-8088-attacks/
-
Russian APT28’s LameHug, a Pilot for Future AI Cyber-Attacks
While “fairly primitive”, APT28’s LameHug was a testbed for future AI-powered attacks, said two MITRE experts during Black Hat USA 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mitre-russian-apt28-lamehug/
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-day
New groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases. However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
US government seized $1M from Russian ransomware gang
A global law enforcement coalition targeted the infrastructure of the group behind the Royal and BlackSuit ransomware strains, allegedly responsible for extorting victims out of $370 million since 2022. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/11/u-s-government-seized-1-million-from-russian-ransomware-gang/
-
Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks
A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit First seen on theregister.com Jump to article: www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/
-
REvil Actor Accuses Russia of Planning 2021 Kaseya Attack
REvil affiliate Yaroslav Vasinskyi, who was convicted last year for his role in the 2021 Kaseya ransomware supply chain attack, said the Russian government was instrumental to the attack’s execution. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/revil-actor-russia-planning-2021-kaseya-attack
-
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian ‘RomCom’ hacking group to drop different malware payloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/details-emerge-on-winrar-zero-day-attacks-that-infected-pcs-with-malware/
-
House lawmakers seek better tech for Commerce in fight against foreign powers
A bipartisan bill from Reps. Crow and Kean would give the Bureau of Industry and Security IT upgrades to help keep U.S. dual-use technologies away from Russia, China and others. First seen on cyberscoop.com Jump to article: cyberscoop.com/commerce-bureau-of-industry-security-tech-upgrades-china-russia/
-
Finland charges captain of suspected Russian ‘shadow fleet’ tanker for subsea cable damage
In a statement on Monday, Finland’s National Prosecution Authority said they had brought aggravated criminal mischief and aggravated interference with communications charges against the three senior officers aboard the Eagle S, a tanker registered in the Cook Islands. First seen on therecord.media Jump to article: therecord.media/finland-charges-captain-russia-ghost-fleet-undersea-cable
-
WinRAR zero-day exploited by RomCom hackers in targeted attacks
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/11/winrar-zero-day-cve-2025-8088/
-
WinRAR Zero-Day CVE-2025-8088 Exploited to Spread RomCom Malware
Critical WinRAR flaw CVE-2025-8088 exploited by Russia-linked hackers to spread RomCom malware, update to version 7.13 now to… First seen on hackread.com Jump to article: hackread.com/winrar-zero-day-cve-2025-8088-spread-romcom-malware/
-
Breach Roundup: Chinese Duo Held for Illegal AI Chip Exports
Also: Ukrainian Hackers Find Evidence of Russian Child Abduction. This week, a Chinese duo arrested in Los Angeles for illegal artificial intelligence chip exports back to China, France extradited an accused Nigerian hacker, Ukraine hacked Crimean servers, Florida prison email leak, Tea App clone exposed users’ IDs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-chinese-duo-held-for-illegal-ai-chip-exports-a-29148
-
BlackSuit, Royal ransomware group hit over 450 US victims before last month’s takedown
The Department of Homeland Security said the Russian cybercrime collective received at least $370 million in ransom payments, based on current cryptocurrency valuations. First seen on cyberscoop.com Jump to article: cyberscoop.com/blacksuit-royal-ransomware-450-us-victims/
-
Details emerge on BlackSuit ransomware takedown
The Russian cybercrime group attacked more than 180 organizations before members abandoned the brand and dispersed to new ransomware groups earlier this year. First seen on cyberscoop.com Jump to article: cyberscoop.com/blacksuit-ransomware-takedown/
-
Russia Uses ISPs to Spy on Diplomats, Warns Microsoft
Russian Intelligence Tied to SSL Stripping Attacks Designed for Eavesdropping. Russian intelligence since 2024 has been using their country’s internet service providers to run adversary-in-the-middle attacks designed to infect diplomats inside the country’s borders with intelligence-gathering malware, Microsoft warns. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russia-uses-isps-to-spy-on-diplomats-warns-microsoft-a-29113
-
Hacked Crimean servers reveal information about abducted children, Ukraine says
Ukraine’s military intelligence agency said it hacked into government servers in Russian-occupied Crimea that allegedly contained evidence of Russia’s forced deportation of Ukrainian children from occupied territories. First seen on therecord.media Jump to article: therecord.media/hacked-crimean-servers-abducted-children
-
Microsoft briefly turned off Indian company’s cloud, perhaps due to EU sanctions on Russia
Oh, the irony of Europe demonstrating the importance of the sovereign cloud it craves First seen on theregister.com Jump to article: www.theregister.com/2025/08/04/nayara_energy_microsoft_india/
-
ISS is still leaking air after latest repair efforts fail
Tags: russia
Russian boffins searching for root cause in their segment of the outpost, former cosmonaut says First seen on theregister.com Jump to article: www.theregister.com/2025/08/01/iss_is_still_leaking/
-
Hackers leak purported Aeroflot data as Russia denies breach
Hackers have leaked flight records allegedly belonging to the CEO of the Russian airline Aeroflot following a major cyberattack that grounded flights. First seen on therecord.media Jump to article: therecord.media/hackers-leak-purported-aeroflot-data

